2 results (0.069 seconds)

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 3

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges. Vulnerabilidad en libuser en versiones anteriores 0.56.13-8 y 0.60 en versiones anteriores a 0.60.7, tal como se utiliza en el programa userhelper en el paquete usermode, modifica directamente /etc/passwd, lo que permite a usuarios locales provocar una denegación de servicio (estado de archivo inconsistente) causando un error durante la modificación. NOTA: este problema se puede combinar con CVE-2015-3245 para obtener privilegios. A flaw was found in the way the libuser library handled the /etc/passwd file. • https://www.exploit-db.com/exploits/37706 https://www.exploit-db.com/exploits/44633 http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163044.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162947.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00000.html http://rhn.redhat.com/errata/RHSA-2015-1482.html http://rhn.redhat.com/errata/RHSA-2015-1483.html http://www.securityfocus.com/bid/76022 http://www.securitytracker.com/ • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 2.1EPSS: 0%CPEs: 7EXPL: 3

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field. Vulnerabilidad de lista negra incompleta en la función chfn en libuser en versiones anteriores a 0.56.13-8 y 0.60 en versiones anteriores a 0.60-7, tal como se utiliza en el programa userhelp en el paquete usermode, permite a usuarios locales provocar una denegación de servicio (/etc/passwd corruption) a través de un caracter de nueva línea en el campo GECOS. It was found that libuser, as used by the chfn userhelper functionality, did not properly filter out newline characters in GECOS fields. A local, authenticated user could use this flaw to corrupt the /etc/passwd file, resulting in a denial-of-service on the system. • https://www.exploit-db.com/exploits/37706 https://www.exploit-db.com/exploits/44633 http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163044.html http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162947.html http://rhn.redhat.com/errata/RHSA-2015-1482.html http://rhn.redhat.com/errata/RHSA-2015-1483.html http://www.securityfocus.com/bid/76021 http://www.securitytracker.com/id/1033040 https://access.redhat.com/articles/1537873 https://www.qu • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •